Report - sdgfghtwer.duckdns.org/

Report Overview

Submitted URL
sdgfghtwer.duckdns.org/
IP
45.82.249.211
ASN
#35913 DEDIPATH-LLC
Submitted
2023-04-25 05:28:23
Access
public
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
21
Network Intrusion Detection
54
Threat Detection Systems
64

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
sdgfghtwer.duckdns.org	unknown	No data	No data	8.7 kB	706 kB	45.82.249.211
www.apple.com	182	2012-05-21	2023-04-23	6.2 kB	91 kB	23.38.200.210
appleid.cdn-apple.com	3288	2013-09-15	2023-04-24	459 B	2.1 kB	104.110.15.217

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-04-25 05:32:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:05	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:05	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:05	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:06	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:06	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:06	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:06	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:06	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:06	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:06	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:06	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:06	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:06	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:06	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:06	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:06	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:06	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:06	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:07	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:07	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:07	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:07	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:07	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:07	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:07	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:07	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:07	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:07	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:07	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:07	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:07	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:07	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:07	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-04-25 05:32:07	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-04-25 05:32:07	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-04-25 05:32:07	medium	Client IP	45.82.249.211	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/
2023-04-24	medium	sdgfghtwer.duckdns.org/

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-04-25	medium	sdgfghtwer.duckdns.org/
2023-04-25	medium	sdgfghtwer.duckdns.org/static/apple/fonts
2023-04-25	medium	sdgfghtwer.duckdns.org/static/apple/common-header.js
2023-04-25	medium	sdgfghtwer.duckdns.org/static/apple/authService.latest.min.js
2023-04-25	medium	sdgfghtwer.duckdns.org/static/apple/jquery-1.9.1.min.js
2023-04-25	medium	sdgfghtwer.duckdns.org/static/apple/ac-globalnav.built.js
2023-04-25	medium	sdgfghtwer.duckdns.org/static/apple/signin.html
2023-04-25	medium	sdgfghtwer.duckdns.org/static/assets/ac-footer/legacy/appleicons_text.woff
2023-04-25	medium	sdgfghtwer.duckdns.org/static/apple/jquery.cookie.js
2023-04-25	medium	sdgfghtwer.duckdns.org/static/assets/ac-footer/legacy/appleicons_text.ttf
2023-04-25	medium	sdgfghtwer.duckdns.org/static/apple/jquery-1.9.1.min.js
2023-04-25	medium	sdgfghtwer.duckdns.org/static/apple/shared-icons.woff

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	sdgfghtwer.duckdns.org/static/apple/ac-globalnav.built.js	130 kB	2023-03-11	2023-04-25
Pretty URL sdgfghtwer.duckdns.org/static/apple/ac-globalnav.built.js IP 45.82.249.211 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:11:12 Last Seen2023-04-25 07:28:24 Times Seen4 Hash c3b332f44f62706975c664a68eeede53 a982796fdaec06efb31862a4f623de7378dcccc7 a0a22aadbf5667e80149475e6ba05df10d16f9b338605d3c05b118d6ffde358a Loading...

	sdgfghtwer.duckdns.org/static/apple/jquery.cookie.js	3.1 kB	2023-03-07	2024-04-27
Pretty URL sdgfghtwer.duckdns.org/static/apple/jquery.cookie.js IP 45.82.249.211 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:39 Last Seen2024-04-27 00:44:08 Times Seen9166 Hash d5528dde0006c78be04817327c2f9b6f 31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8 b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8 Loading...

	sdgfghtwer.duckdns.org/static/apple/jquery-1.9.1.min.js	93 kB	2023-03-07	2024-04-27
Pretty URL sdgfghtwer.duckdns.org/static/apple/jquery-1.9.1.min.js IP 45.82.249.211 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-27 01:42:42 Times Seen23404 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	www.apple.com/ac/globalfooter/3/ja_JP/scripts/ac-globalfooter.built.js	14 kB	2023-03-11	2024-04-02
Pretty URL www.apple.com/ac/globalfooter/3/ja_JP/scripts/ac-globalfooter.built.js IP 23.38.200.210 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:11:12 Last Seen2024-04-02 13:07:08 Times Seen19 Hash d87aa5188a9a04c462d9d7452edb1b20 c52adf3cbecf823a9acfb33137356d566b1b4f94 9b4ffd68f881fb0e47feea921088e6b6610efe52c8eeb8a574a51da978fa736b Loading...

	sdgfghtwer.duckdns.org/static/apple/common-header.js	25 kB	2023-03-11	2023-04-25
Pretty URL sdgfghtwer.duckdns.org/static/apple/common-header.js IP 45.82.249.211 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:11:12 Last Seen2023-04-25 07:28:24 Times Seen3 Hash 7eb07cff8a12dac881e13dbc61f2a79f 317009bcea94fc7360cacab97ab3680f553900b8 a691c30793820e47879d66b19b75cf286508a505bf04c58e97b7b6c1204ce8e5 Loading...

	sdgfghtwer.duckdns.org/static/apple/authService.latest.min.js	44 kB	2023-04-25	2023-04-25
Pretty URL sdgfghtwer.duckdns.org/static/apple/authService.latest.min.js IP 45.82.249.211 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-25 07:28:24 Last Seen2023-04-25 07:28:24 Times Seen2 Hash b3b143a1d6dbf12df738387ec913721c b30786de4b016bbea36533ab8b1dc3469c355c29 31dae530287d4678cdee62d344ea69e70c778a4bd38e8114c1c768a27fb1070b Loading...

	sdgfghtwer.duckdns.org/static/apple/signin.html	0 B	2023-03-07	2024-04-27
Pretty URL sdgfghtwer.duckdns.org/static/apple/signin.html IP 45.82.249.211 ASN #35913 DEDIPATH-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 02:09:26 Times Seen37108652 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (34)

URL IP Response Size

sdgfghtwer.duckdns.org/

45.82.249.211

200 OK

11 kB

URL User Request GET HTTP/1.1
sdgfghtwer.duckdns.org/
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

File type
HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (11957)
Size
11 kB (10767 bytes)
Hash
67dc8c52199abf1d143223efc8417f39
bd72cba4761b149dc882cf3eefd81f39a7d61b7b
39392dab28bd82dd36fe5add8c2379ec175f76f4e6e2c1a3fbea66efefb0e55d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET / HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88; Path=/; HttpOnly
Content-Encoding: gzip

sdgfghtwer.duckdns.org/static/apple/fonts

45.82.249.211

404 Not Found

883 B

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/fonts
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
883 B (883 bytes)
Hash
f7833337b601524f194acff94a65fda5
560b8bb065f2d25c310fa1e49e7e6a187355b661
8b85ba17c5e614150afd26ebb9a51942b60b9429d5e5df1c47c9414afa334a26

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/fonts HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 25 Apr 2023 05:28:09 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

sdgfghtwer.duckdns.org/static/apple/ac-globalnav.built.css

45.82.249.211

200 OK

12 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/ac-globalnav.built.css
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/

File type
Unicode text, UTF-8 text, with very long lines (65128), with no line terminators
Size
12 kB (11905 bytes)
Hash
33a96b1ebe838fe88c3829a805b4427d
71f282a2456c5c9534b3db36dd626fbd2bcd5a4f
bc2ef03e0a09da41801b5d9a272bf909958b1a662487e2c805b9648ec57274c5

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/ac-globalnav.built.css HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:09 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 17 Mar 2022 06:44:06 GMT
Expires: Thu, 25 May 2023 05:28:09 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

sdgfghtwer.duckdns.org/static/apple/ac-globalfooter.built.css

45.82.249.211

200 OK

6.5 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/ac-globalfooter.built.css
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/

File type
Unicode text, UTF-8 text, with very long lines (48912)
Size
6.5 kB (6545 bytes)
Hash
c866cd0c1f91857be1a4bcac248cb11e
27f7f3df2bb75807c759324c4eb180e8eb0d0304
d67e58ebc8ffe312ccccf3a5841687b4a61e40b7d5349bac66cbf6a1ae9941ea

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/ac-globalfooter.built.css HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:09 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 17 Mar 2022 06:44:06 GMT
Expires: Thu, 25 May 2023 05:28:09 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

sdgfghtwer.duckdns.org/static/apple/common-header.js

45.82.249.211

200 OK

10 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/common-header.js
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/

File type
ASCII text, with very long lines (11003)
Size
10 kB (10195 bytes)
Hash
a9e8236edba950bbf5ecb7d0a43e6b36
5946eb5cddb97f44357d69388bb7e47dc1fd3d44
636bdb6c24ed3cf8bd3b16eff11b6739add1934aab9cc0195a868d4781dc1c6d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/common-header.js HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 17 Mar 2022 06:44:08 GMT
Expires: Thu, 25 May 2023 05:28:09 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

sdgfghtwer.duckdns.org/static/apple/authService.latest.min.js

45.82.249.211

200 OK

15 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/authService.latest.min.js
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/

File type
ASCII text, with very long lines (44073)
Size
15 kB (14663 bytes)
Hash
3f630cb0d8bcde1a717f24e13b8563a8
926765fa9921dfbee8ca00744160c595ff72ae40
0e9f14b5c227306980c95074bd23d6587a52b0d772085f6da0c3e0d14dcb4875

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/authService.latest.min.js HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 17 Mar 2022 06:44:08 GMT
Expires: Thu, 25 May 2023 05:28:09 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

www.apple.com/ac/globalfooter/3/ja_JP/scripts/ac-globalfooter.built.js

23.38.200.210

200 OK

4.6 kB

URL GET HTTP/2
www.apple.com/ac/globalfooter/3/ja_JP/scripts/ac-globalfooter.built.js
IP
23.38.200.210:443
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectwww.apple.com
Fingerprint7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50
ValidityTue, 19 Apr 2022 15:50:00 GMT - Fri, 19 May 2023 15:49:59 GMT

File type
ASCII text, with very long lines (14175), with no line terminators
Size
4.6 kB (4606 bytes)
Hash
70cab40f3169de604d53f27a59b72db5
e1ca89a918503687e4931f43d61618cbd40a3076
408d7912a743405d152c12a99e3204d40bbeddb186b727f88caa224fed729d03

HTTP Headers

GET /ac/globalfooter/3/ja_JP/scripts/ac-globalfooter.built.js HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Apple
content-type: application/x-javascript
set-cookie: geo=NO; path=/; domain=.apple.com
x-content-type-options: nosniff
x-cache-remote: TCP_REFRESH_HIT from a2-19-185-54.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (S)
vary: Accept-Encoding
ntcoent-length: 14175
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
cache-control: max-age=295
expires: Tue, 25 Apr 2023 05:33:04 GMT
date: Tue, 25 Apr 2023 05:28:09 GMT
content-length: 4606
x-cache: TCP_REFRESH_HIT from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (S)
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/3/ja_JP/scripts/ac-globalnav.built.js

23.38.200.210

200 OK

34 kB

URL GET HTTP/2
www.apple.com/ac/globalnav/3/ja_JP/scripts/ac-globalnav.built.js
IP
23.38.200.210:443
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectwww.apple.com
Fingerprint7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50
ValidityTue, 19 Apr 2022 15:50:00 GMT - Fri, 19 May 2023 15:49:59 GMT

File type
ASCII text, with very long lines (32069)
Size
34 kB (33923 bytes)
Hash
b5e83673b2e83d5f357483fab60ddfd8
edb277011ae45d3f8322a1f2c7465629853475f7
3974cec901b9d0644237212873416567f814b7706cc96bda1f150f03376166d8

HTTP Headers

GET /ac/globalnav/3/ja_JP/scripts/ac-globalnav.built.js HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Apple
content-type: application/x-javascript
set-cookie: geo=NO; path=/; domain=.apple.com
x-content-type-options: nosniff
x-cache-remote: TCP_REFRESH_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (S)
vary: Accept-Encoding
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
cache-control: max-age=236
expires: Tue, 25 Apr 2023 05:32:05 GMT
date: Tue, 25 Apr 2023 05:28:09 GMT
content-length: 33923
x-cache: TCP_MISS from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
X-Firefox-Spdy: h2

sdgfghtwer.duckdns.org/static/apple/app.css

45.82.249.211

200 OK

44 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/app.css
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/

File type
ASCII text, with very long lines (479), with CRLF line terminators
Size
44 kB (43478 bytes)
Hash
ebbd323d6caa0f2fcb9b06a9c02f727f
9a69cdfa79c926bc9810bb8babfd51bfdcf6e0bd
a12cd9d3aab55a6db43e17d1ddaf83e8101111c4bfdf96e23249c0e3d297aea4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/app.css HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:09 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 17 Mar 2022 06:44:06 GMT
Expires: Thu, 25 May 2023 05:28:09 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

sdgfghtwer.duckdns.org/static/apple/jquery-1.9.1.min.js

45.82.249.211

200 OK

37 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/jquery-1.9.1.min.js
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/static/apple/signin.html

File type
ASCII text, with very long lines (32089)
Size
37 kB (36739 bytes)
Hash
ecb5a5b0c520535a5dedef53186c0079
232708f689fd7efa0bef4b61f169f054504bd22a
d220a5333de3774d06aa124d2e7f8cab2310b2780883a1cd49296d0614ab2a9c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/jquery-1.9.1.min.js HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 17 Mar 2022 06:44:10 GMT
Expires: Thu, 25 May 2023 05:28:09 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

sdgfghtwer.duckdns.org/static/apple/JPNflag.png

45.82.249.211

200 OK

3.3 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/JPNflag.png
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/

File type
PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3276 bytes)
Hash
542ab726c931692b36917e16952cc460
13c5bc8b5c1850c6a303bd853c5f7e108f9a2732
bd4464c046badf5f6dac6efb123c9be38a90cf09598128b433d2edbbb3c67fe8

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/JPNflag.png HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:09 GMT
Content-Type: image/png
Content-Length: 3276
Connection: keep-alive
Last-Modified: Thu, 17 Mar 2022 06:44:10 GMT
Expires: Thu, 25 May 2023 05:28:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/apple/image_large.svg

23.38.200.210

200 OK

793 B

URL GET HTTP/2
www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/apple/image_large.svg
IP
23.38.200.210:443
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectwww.apple.com
Fingerprint7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50
ValidityTue, 19 Apr 2022 15:50:00 GMT - Fri, 19 May 2023 15:49:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
793 B (793 bytes)
Hash
b06b12d43ba4102939521ec2ef7c971c
29ebeb4fc00bffe9468a6b097e1f4e4f5c3a3313
4b7fb1c0d7fc9caf83698aee9d91cf36c16f9ddc8e04a32b3ab9cb742b542c94

HTTP Headers

GET /ac/globalnav/3/ja_JP/images/globalnav/apple/image_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 16 Feb 2017 00:00:35 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 793
cache-control: max-age=569
expires: Tue, 25 Apr 2023 05:37:38 GMT
date: Tue, 25 Apr 2023 05:28:09 GMT
x-cache: TCP_MISS from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
x-cache-remote: TCP_REFRESH_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (S)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/ipad/image_large.svg

23.38.200.210

200 OK

832 B

URL GET HTTP/2
www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/ipad/image_large.svg
IP
23.38.200.210:443
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectwww.apple.com
Fingerprint7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50
ValidityTue, 19 Apr 2022 15:50:00 GMT - Fri, 19 May 2023 15:49:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
832 B (832 bytes)
Hash
7ef3f6e6dd1e94472ec667c8de9d98f7
b7a64bc733912c70f5cee59e6d1e6a4956de1722
4c3792d5cf7d3aa51d1ccc20a2cf63e7a00a7f2744939ea7ae5af52d0e23be4e

HTTP Headers

GET /ac/globalnav/3/ja_JP/images/globalnav/links/ipad/image_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Feb 2017 23:59:59 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
nncoection: close
content-type: image/svg+xml
content-encoding: gzip
content-length: 832
cache-control: max-age=514
expires: Tue, 25 Apr 2023 05:36:43 GMT
date: Tue, 25 Apr 2023 05:28:09 GMT
x-cache: TCP_MISS from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
x-cache-remote: TCP_REFRESH_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (S)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/iphone/image_large.svg

23.38.200.210

200 OK

880 B

URL GET HTTP/2
www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/iphone/image_large.svg
IP
23.38.200.210:443
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectwww.apple.com
Fingerprint7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50
ValidityTue, 19 Apr 2022 15:50:00 GMT - Fri, 19 May 2023 15:49:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
880 B (880 bytes)
Hash
d1c11877e577f52ec8d0061efcf9ed3c
eae5868e120823a92df64b1fa1e529681ef8c013
0b1c33493ea12ed52d2185d7a5f708880a7c297bdcd1245776d55b03ce5e5987

HTTP Headers

GET /ac/globalnav/3/ja_JP/images/globalnav/links/iphone/image_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 16 Feb 2017 00:00:06 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 880
cache-control: max-age=592
expires: Tue, 25 Apr 2023 05:38:01 GMT
date: Tue, 25 Apr 2023 05:28:09 GMT
x-cache: TCP_MISS from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
x-cache-remote: TCP_REFRESH_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (S)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/watch/image_large.svg

23.38.200.210

200 OK

913 B

URL GET HTTP/2
www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/watch/image_large.svg
IP
23.38.200.210:443
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectwww.apple.com
Fingerprint7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50
ValidityTue, 19 Apr 2022 15:50:00 GMT - Fri, 19 May 2023 15:49:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
913 B (913 bytes)
Hash
9d806f74417ef12ea16e1c4664cb5d14
08dc2145918e3d35fd4c1820e655d079df9d4809
e7b991d553ceb139228d311bd182f69a2b7794f2bb834b70bc6999622ba54a2b

HTTP Headers

GET /ac/globalnav/3/ja_JP/images/globalnav/links/watch/image_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Feb 2017 23:59:58 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 913
cache-control: max-age=579
expires: Tue, 25 Apr 2023 05:37:48 GMT
date: Tue, 25 Apr 2023 05:28:09 GMT
x-cache: TCP_MISS from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
x-cache-remote: TCP_REFRESH_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (S)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/music/image_large.svg

23.38.200.210

200 OK

874 B

URL GET HTTP/2
www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/music/image_large.svg
IP
23.38.200.210:443
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectwww.apple.com
Fingerprint7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50
ValidityTue, 19 Apr 2022 15:50:00 GMT - Fri, 19 May 2023 15:49:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
874 B (874 bytes)
Hash
d1260a98fecc227f485131ef6915dae3
f4a9e3e4e42d6367568bfbfa69b8b0e8f8431b2a
044db2ca6031f297469d4b6e78e2bb1cb30e9b10e0f391ade9c1c4f33c8414f4

HTTP Headers

GET /ac/globalnav/3/ja_JP/images/globalnav/links/music/image_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Feb 2017 23:59:27 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
nncoection: close
content-type: image/svg+xml
content-encoding: gzip
content-length: 874
cache-control: max-age=593
expires: Tue, 25 Apr 2023 05:38:02 GMT
date: Tue, 25 Apr 2023 05:28:09 GMT
x-cache: TCP_MISS from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
x-cache-remote: TCP_REFRESH_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (S)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/mac/image_large.svg

23.38.200.210

200 OK

742 B

URL GET HTTP/2
www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/mac/image_large.svg
IP
23.38.200.210:443
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectwww.apple.com
Fingerprint7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50
ValidityTue, 19 Apr 2022 15:50:00 GMT - Fri, 19 May 2023 15:49:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
742 B (742 bytes)
Hash
420ab2fa75d2304b7ec820d7157f76a9
9f7bc10dd2f12f7c6dba7994e7355ee004bdd183
cc76b9f535a0b4abc69f93433a3147399e34f131d85097a6dbe9e8d66ae315c9

HTTP Headers

GET /ac/globalnav/3/ja_JP/images/globalnav/links/mac/image_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 16 Feb 2017 00:00:00 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
cneonction: close
content-type: image/svg+xml
content-encoding: gzip
content-length: 742
cache-control: max-age=593
expires: Tue, 25 Apr 2023 05:38:02 GMT
date: Tue, 25 Apr 2023 05:28:09 GMT
x-cache: TCP_MISS from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
x-cache-remote: TCP_REFRESH_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (S)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/search/image_large.svg

23.38.200.210

200 OK

502 B

URL GET HTTP/2
www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/search/image_large.svg
IP
23.38.200.210:443
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectwww.apple.com
Fingerprint7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50
ValidityTue, 19 Apr 2022 15:50:00 GMT - Fri, 19 May 2023 15:49:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
502 B (502 bytes)
Hash
8db2b66659ae863c0a9a124d45cd84f9
dd75749096d7d94e64dca65e80f883a2f79a5015
a7372042afc21cae10072f400d2283923b3cb2ece4d93a62f8fbe9371f938419

HTTP Headers

GET /ac/globalnav/3/ja_JP/images/globalnav/search/image_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Feb 2017 23:59:41 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 502
cache-control: max-age=581
expires: Tue, 25 Apr 2023 05:37:50 GMT
date: Tue, 25 Apr 2023 05:28:09 GMT
x-cache: TCP_MISS from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
x-cache-remote: TCP_REFRESH_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (S)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/tv/image_large.svg

23.38.200.210

200 OK

426 B

URL GET HTTP/2
www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/tv/image_large.svg
IP
23.38.200.210:443
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectwww.apple.com
Fingerprint7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50
ValidityTue, 19 Apr 2022 15:50:00 GMT - Fri, 19 May 2023 15:49:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
426 B (426 bytes)
Hash
316f338934c7b4e8fa4e798dedbc0a4f
d0e34d1845ddbc99d361a1ce30ade5b56b6c7f22
3d96cffbfc55f2f0f45ec239b165f060de6ac0c19c6a832efd7ca6d0fa5013f3

HTTP Headers

GET /ac/globalnav/3/ja_JP/images/globalnav/links/tv/image_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Feb 2017 23:59:32 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
nncoection: close
content-type: image/svg+xml
content-encoding: gzip
content-length: 426
cache-control: max-age=600
expires: Tue, 25 Apr 2023 05:38:09 GMT
date: Tue, 25 Apr 2023 05:28:09 GMT
x-cache: TCP_MISS from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
x-cache-remote: TCP_REFRESH_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (S)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/bag/image_large.svg

23.38.200.210

200 OK

538 B

URL GET HTTP/2
www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/bag/image_large.svg
IP
23.38.200.210:443
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectwww.apple.com
Fingerprint7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50
ValidityTue, 19 Apr 2022 15:50:00 GMT - Fri, 19 May 2023 15:49:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
538 B (538 bytes)
Hash
d17e7e7900db291ca84ea5ce419b7e8b
133912f015cc4c39e0923b59709c40e3aa368f95
8e8e4782060f30b55aedc6f29b6f0edc7120006055062a7e445d82bdc3435661

HTTP Headers

GET /ac/globalnav/3/ja_JP/images/globalnav/bag/image_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 16 Feb 2017 00:00:07 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 538
cache-control: max-age=582
expires: Tue, 25 Apr 2023 05:37:51 GMT
date: Tue, 25 Apr 2023 05:28:09 GMT
x-cache: TCP_MISS from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
x-cache-remote: TCP_REFRESH_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (S)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/support/image_large.svg

23.38.200.210

200 OK

550 B

URL GET HTTP/2
www.apple.com/ac/globalnav/3/ja_JP/images/globalnav/links/support/image_large.svg
IP
23.38.200.210:443
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectwww.apple.com
Fingerprint7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50
ValidityTue, 19 Apr 2022 15:50:00 GMT - Fri, 19 May 2023 15:49:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (795)
Size
550 B (550 bytes)
Hash
d6a882d8e63ac685b5e3b76ce78a85a9
8b9a46c67ebabf23ff7c7ccb4b5e5fe7c21626af
c747659ae41202ea8c0ad8c611d786df334d93d4dcc427028232ea148a8bc3e2

HTTP Headers

GET /ac/globalnav/3/ja_JP/images/globalnav/links/support/image_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Feb 2017 23:59:45 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 550
cache-control: max-age=513
expires: Tue, 25 Apr 2023 05:36:42 GMT
date: Tue, 25 Apr 2023 05:28:09 GMT
x-cache: TCP_MISS from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
x-cache-remote: TCP_REFRESH_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (S)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

sdgfghtwer.duckdns.org/static/apple/ac-globalnav.built.js

45.82.249.211

200 OK

39 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/ac-globalnav.built.js
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/

File type
ASCII text, with very long lines (32069)
Size
39 kB (39112 bytes)
Hash
9c087583f373a3d73a3ac2c042b35154
8fdc62b17bc6a488aa040cc6d826e197c8fa5bee
278171ac914e5dfa3ba67d8724079fcf2810a2ab37f71b19b4db888ccf8f9354

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/ac-globalnav.built.js HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 17 Mar 2022 06:44:06 GMT
Expires: Thu, 25 May 2023 05:28:09 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

sdgfghtwer.duckdns.org/static/apple/signin.html

45.82.249.211

200 OK

3.1 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/signin.html
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1932)
Size
3.1 kB (3096 bytes)
Hash
cc08fe057f2c2ea33766e7244521255b
177774ab0de57c2fdc626586cc4bb12f3780d47c
06e01c5bf4320f14bfe4a6366f06bc9bdf1ceae609a785fa350673ac0d5884c3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/signin.html HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 17 Mar 2022 06:44:12 GMT
Expires: Thu, 25 May 2023 05:28:10 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

sdgfghtwer.duckdns.org/static/assets/ac-footer/legacy/appleicons_text.woff

45.82.249.211

404 Not Found

2.0 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/assets/ac-footer/legacy/appleicons_text.woff
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
2.0 kB (2001 bytes)
Hash
32bb2f57d2379618f1418c664b759bb6
d80731a7c06015fc5f4aaf43eceb12f80839e027
11424c285182526e6cf692693cbfaff53d5a471f17f8713bf2cd5dcb834e66d4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/assets/ac-footer/legacy/appleicons_text.woff HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/static/apple/ac-globalfooter.built.css
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 25 Apr 2023 05:28:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2001
Connection: keep-alive
Vary: Accept-Encoding

appleid.cdn-apple.com/static/bin/cb3606853004/images/favicon.ico

104.110.15.217

1.6 kB

URL GET
appleid.cdn-apple.com/static/bin/cb3606853004/images/favicon.ico
IP
104.110.15.217:0
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectappleid.cdn-apple.com
FingerprintB5:C9:5E:69:21:B6:B5:88:22:04:24:DD:C2:27:A2:9D:5F:D7:D6:BE
ValidityTue, 19 Apr 2022 16:22:38 GMT - Fri, 19 May 2023 16:22:37 GMT

File type
MS Windows icon resource - 4 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Size
1.6 kB (1628 bytes)
Hash
0b3389d96530d233beca5e396cb12608
88b0e1f430d106249ad21b16bdf33e1faea7b589
e65ddb464994c243b7f71d6d440d7cbe4f52b78c3de8da9e740c3472b71185eb

HTTP Headers

GET /static/bin/cb3606853004/images/favicon.ico HTTP/1.1
Host: appleid.cdn-apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apple
Content-Type: image/x-icon
Cache-Control: public, max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
ETag: W/"9062-1597331093329"
Last-Modified: Thu, 13 Aug 2020 15:04:53 GMT
Vary: accept-encoding
Content-Encoding: gzip
Host: appleid.apple.com
Content-Length: 1628
Date: Tue, 25 Apr 2023 05:28:10 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://appleid.apple.com

sdgfghtwer.duckdns.org/static/apple/app_icons@2x.png

45.82.249.211

200 OK

84 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/app_icons@2x.png
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/

File type
PNG image data, 1312 x 136, 8-bit/color RGB, non-interlaced\012- data
Size
84 kB (84429 bytes)
Hash
2aad428bbc44806c7432f70185d03a51
f99044dca265c068ce82567c202224dec6cbfe6b
d135ab21ef95d00771f7bffbd2f01acbace778329f93457b51d3b6738453db00

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/app_icons@2x.png HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/static/apple/app.css
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:10 GMT
Content-Type: image/png
Content-Length: 84429
Connection: keep-alive
Last-Modified: Thu, 17 Mar 2022 06:44:08 GMT
Expires: Thu, 25 May 2023 05:28:10 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

sdgfghtwer.duckdns.org/static/apple/jquery.cookie.js

45.82.249.211

200 OK

1.4 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/jquery.cookie.js
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/static/apple/signin.html

File type
ASCII text
Size
1.4 kB (1421 bytes)
Hash
4cd3995bf9a06595ba9f10c4e930daa8
0aa715c082f5a12174f0f827372e3aa5fe2116bf
5c6855225fbc78fdbadc7416c2e16b5bcd449424098a6d69c583d0a396ca479e

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/jquery.cookie.js HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/static/apple/signin.html
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 17 Mar 2022 06:44:10 GMT
Expires: Thu, 25 May 2023 05:28:10 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

www.apple.com/ac/flags/1/images/jp/16.png

23.38.200.210

404 Not Found

28 kB

URL GET HTTP/2
www.apple.com/ac/flags/1/images/jp/16.png
IP
23.38.200.210:443
ASN
#16625 AKAMAI-AS

Requested by
http://sdgfghtwer.duckdns.org/
Certificate
IssuerApple Inc.
Subjectwww.apple.com
Fingerprint7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50
ValidityTue, 19 Apr 2022 15:50:00 GMT - Fri, 19 May 2023 15:49:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (32958)
Size
28 kB (27595 bytes)
Hash
95511868e087ac4c87946a200ca41597
aabc55add078fa39efb2bd9b92e2729a7f4e3538
7a5477b13f854506410e36c616de19b9ddb6b1d74a70c6ee1c53b1bccf8305f2

HTTP Headers

GET /ac/flags/1/images/jp/16.png HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: Apple
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 27595
cache-control: max-age=294
expires: Tue, 25 Apr 2023 05:33:04 GMT
date: Tue, 25 Apr 2023 05:28:10 GMT
x-cache: TCP_MISS from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a2-19-185-86.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

sdgfghtwer.duckdns.org/static/assets/ac-footer/legacy/appleicons_text.ttf

45.82.249.211

404 Not Found

883 B

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/assets/ac-footer/legacy/appleicons_text.ttf
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
883 B (883 bytes)
Hash
f7833337b601524f194acff94a65fda5
560b8bb065f2d25c310fa1e49e7e6a187355b661
8b85ba17c5e614150afd26ebb9a51942b60b9429d5e5df1c47c9414afa334a26

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/assets/ac-footer/legacy/appleicons_text.ttf HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/static/apple/ac-globalfooter.built.css
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 25 Apr 2023 05:28:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

sdgfghtwer.duckdns.org/static/apple/app1.css

45.82.249.211

200 OK

63 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/app1.css
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/static/apple/signin.html

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
63 kB (62821 bytes)
Hash
d5f179b13bdadf6abeaf1399a09f4bfb
e9e2fcb7930ba2265b8b5ec326db6e9484fd0483
25e9a2669a0be44954b99a2d959a9801b44dd6b6e8f0e6a4f33beb934916aa2d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/app1.css HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/static/apple/signin.html
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:10 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 17 Mar 2022 06:44:06 GMT
Expires: Thu, 25 May 2023 05:28:10 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

sdgfghtwer.duckdns.org/static/apple/jquery-1.9.1.min.js

45.82.249.211

200 OK

37 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/jquery-1.9.1.min.js
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/static/apple/signin.html

File type
ASCII text, with very long lines (32089)
Size
37 kB (36739 bytes)
Hash
ecb5a5b0c520535a5dedef53186c0079
232708f689fd7efa0bef4b61f169f054504bd22a
d220a5333de3774d06aa124d2e7f8cab2310b2780883a1cd49296d0614ab2a9c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/jquery-1.9.1.min.js HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/static/apple/signin.html
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 17 Mar 2022 06:44:10 GMT
Expires: Thu, 25 May 2023 05:28:10 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

sdgfghtwer.duckdns.org/static/apple/aid_logo@2x.png

45.82.249.211

200 OK

4.0 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/aid_logo@2x.png
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/static/apple/signin.html

File type
PNG image data, 420 x 112, 8-bit colormap, non-interlaced\012- data
Size
4.0 kB (3997 bytes)
Hash
b4078eac966b821303e7dd5c64918cb5
8942c5c68a7b16459b1e76749d4831ae6269d161
96bd12fa872c60925e262ff82e9cde8dd531e5b1d1887f9c4dc059199cea1750

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/aid_logo@2x.png HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/static/apple/signin.html
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:10 GMT
Content-Type: image/png
Content-Length: 3997
Connection: keep-alive
Last-Modified: Thu, 17 Mar 2022 06:44:06 GMT
Expires: Thu, 25 May 2023 05:28:10 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

sdgfghtwer.duckdns.org/static/apple/shared-icons.woff

45.82.249.211

200 OK

9.6 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/shared-icons.woff
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/static/apple/signin.html

File type
Web Open Font Format, TrueType, length 9552, version 1.0\012- data
Size
9.6 kB (9552 bytes)
Hash
e9e7624727ba14678b9a71b6f90745e3
0f0b7625cd06387c601f1632b0f69719b920f68a
6de3580fdeace0ff74927b2449e34587dd0b2a03c7711cf0087925e25429efe3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/shared-icons.woff HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/static/apple/app1.css
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:10 GMT
Content-Type: font/woff
Content-Length: 9552
Connection: keep-alive
Last-Modified: Thu, 17 Mar 2022 06:44:12 GMT
Expires: Thu, 25 May 2023 05:28:10 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

sdgfghtwer.duckdns.org/static/apple/apple_id_desktop_2880x1260.jpg

45.82.249.211

200 OK

317 kB

URL GET HTTP/1.1
sdgfghtwer.duckdns.org/static/apple/apple_id_desktop_2880x1260.jpg
IP
45.82.249.211:80
ASN
#35913 DEDIPATH-LLC

Requested by
http://sdgfghtwer.duckdns.org/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2880x1260, components 3\012- data
Size
317 kB (317207 bytes)
Hash
c2c1f07dfc597ace249a037f13e516c7
314173eaa00bd4be0d8ee98084b62e3072d71574
80d7c4158ea60fed4e394e00a580aa46a23d4566bda143eca32d319a7959ab08

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Apple Inc.

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

HTTP Headers

GET /static/apple/apple_id_desktop_2880x1260.jpg HTTP/1.1
Host: sdgfghtwer.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sdgfghtwer.duckdns.org/static/apple/app.css
Cookie: sessionid=2954292c6936e342ffb85bc7d8b32d88
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Apr 2023 05:28:10 GMT
Content-Type: image/jpeg
Content-Length: 317207
Connection: keep-alive
Last-Modified: Thu, 17 Mar 2022 06:44:08 GMT
Expires: Thu, 25 May 2023 05:28:10 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (34)

URL User Request GET HTTP/1.1

IP

ASN

File type